Patent · US Active

Dynamically adaptive framework and method for classifying malware using intelligent static, emulation, and dynamic analyses

US10713362B1 · kind B1 · utility

Cited by: 18
References: 361
Claims: 52
Family size: 0

Assignee

Inventors

Key dates

Filing date: Mar 5, 2018
Grant date: Jul 14, 2020
Priority date
Expiry date: May 26, 2038

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2221/034
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A method of detecting malware in a specimen of computer content or network traffic is described. The method features conducting a first analysis on the specimen in accordance with a first plurality of analyses and an order of the first plurality of analyses. A second analysis is conducted on the specimen different than the first analysis type. Thereafter, further analyses on the specimen may be altered by modifying information associated with the first plurality of analyses or the order of the first plurality of analyses in response to feedback information based on results from at least the first analysis. The modified information changes a malware analysis of the specimen from being conducted in accordance with the first plurality of analyses to being conducted in accordance with a second plurality of analyses different in analysis type or in order of analyses than the first plurality of analyses.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.